package org.summer.gateway.security;

import lombok.RequiredArgsConstructor;
import lombok.extern.log4j.Log4j2;
import org.summer.common.http.Result;
import org.summer.common.http.ResultCode;
import org.springframework.http.HttpStatus;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.web.server.authorization.ServerAccessDeniedHandler;
import org.springframework.stereotype.Component;
import org.springframework.web.server.ServerWebExchange;
import org.summer.gateway.handler.ServerResponseHandler;
import reactor.core.publisher.Mono;

/**
 * 用户权限不足,拒绝访问处理
 */
@Log4j2
@Component
@RequiredArgsConstructor
public class AccessDeniedHandler implements ServerAccessDeniedHandler {
    private final ServerResponseHandler responseHandler;
    @Override
    public Mono<Void> handle(ServerWebExchange exchange, AccessDeniedException denied) {
        log.info("用户请求权限不足,如果需要请求次资源,请求联系管理员提升权限");
        return responseHandler.handlerResponse(exchange, Result.fail(ResultCode.FORBIDDEN),HttpStatus.FORBIDDEN);
    }
}
